Unrated severityNVD Advisory· Published Mar 3, 2014· Updated Apr 29, 2026
CVE-2013-4710
CVE-2013-4710
Description
Android 3.0 through 4.1.x on Disney Mobile, eAccess, KDDI, NTT DOCOMO, SoftBank, and other devices does not properly implement the WebView class, which allows remote attackers to execute arbitrary methods of Java objects or cause a denial of service (reboot) via a crafted web page, as demonstrated by use of the WebView.addJavascriptInterface method, a related issue to CVE-2012-6636.
Affected products
14cpe:2.3:o:google:android:3.0:*:*:*:*:*:*:*+ 13 more
- cpe:2.3:o:google:android:3.0:*:*:*:*:*:*:*
- cpe:2.3:o:google:android:3.1:*:*:*:*:*:*:*
- cpe:2.3:o:google:android:3.2:*:*:*:*:*:*:*
- cpe:2.3:o:google:android:3.2.1:*:*:*:*:*:*:*
- cpe:2.3:o:google:android:3.2.2:*:*:*:*:*:*:*
- cpe:2.3:o:google:android:3.2.4:*:*:*:*:*:*:*
- cpe:2.3:o:google:android:3.2.6:*:*:*:*:*:*:*
- cpe:2.3:o:google:android:4.0:*:*:*:*:*:*:*
- cpe:2.3:o:google:android:4.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:google:android:4.0.2:*:*:*:*:*:*:*
- cpe:2.3:o:google:android:4.0.3:*:*:*:*:*:*:*
- cpe:2.3:o:google:android:4.0.4:*:*:*:*:*:*:*
- cpe:2.3:o:google:android:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:google:android:4.1.2:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
10- 50.56.33.56/blog/nvd
- emobile.jp/products/sh/a01sh/systemsoftware.htmlnvd
- jvn.jp/en/jp/JVN53768697/113349/index.htmlnvd
- jvn.jp/en/jp/JVN53768697/397327/index.htmlnvd
- jvn.jp/en/jp/JVN53768697/995293/index.htmlnvd
- jvn.jp/en/jp/JVN53768697/995312/index.htmlnvd
- jvn.jp/en/jp/JVN53768697/995417/index.htmlnvd
- jvn.jp/en/jp/JVN53768697/index.htmlnvd
- jvndb.jvn.jp/jvndb/JVNDB-2013-000111nvd
- openwall.com/lists/oss-security/2014/02/18/11nvd
News mentions
0No linked articles in our index yet.